from flask import Blueprint, render_template, url_for, flash, redirect, request, abort, current_app
from flask_login import login_user, current_user, logout_user, login_required
from flaskBlog import db, bcrypt
from flaskBlog.models import User, Post
from flaskBlog.users.forms import (RegistrationForm, LoginForm, AccountForm,
                                   RequestResetForm, ResetPasswordForm)
from flaskBlog.users.utils import save_picture, send_reset_email, rm_picture

users = Blueprint('users', __name__)


@users.route('/register', methods=['GET', 'POST'])
def register():
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    form = RegistrationForm()
    if form.validate_on_submit():
        hashed_pwd = bcrypt.generate_password_hash(
            form.password.data).decode('utf-8')
        user = User(username=form.username.data,
                    email=form.email.data, password=hashed_pwd)
        db.session.add(user)
        db.session.commit()
        flash('Your account has been created! You are now able to log in.', 'success')
        return redirect(url_for('users.login'))
    return render_template('register.j2', title='Register', form=form)


@users.route('/login', methods=['GET', 'POST'])
def login():
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    form = LoginForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        if user and bcrypt.check_password_hash(user.password, form.password.data):
            login_user(user, remember=form.remember.data)
            next_page = request.args.get('next')
            return redirect(next_page) if next_page else redirect(url_for('main.home'))
        else:
            flash('Login Unsuccessful. Please check email and password', 'danger')
    return render_template('login.j2', title='Login', form=form)


@users.route('/logout')
def logout():
    logout_user()
    return redirect(url_for('main.home'))


@users.route('/account', methods=['GET', 'POST'])
@login_required
def account():
    form = AccountForm()
    if form.validate_on_submit():
        if form.picture.data:
            picture_file = save_picture(form.picture.data)
            current_user.image_file = picture_file
        current_user.username = form.username.data
        current_user.email = form.email.data
        db.session.commit()  # 已经在db中,不需要add了
        flash('Your account has been updated!', 'success')
        return redirect(url_for('users.account'))  # reload
    elif request.method == 'GET':
        form.username.data = current_user.username
        form.email.data = current_user.email

    image_file = url_for(
        'static', filename='profile_pics/'+current_user.image_file)
    return render_template('account.j2', title='Account',
                           image_file=image_file, form=form)


@users.route('/user/<string:username>')
def user_posts(username):
    page = request.args.get('page', 1, type=int)
    user = User.query.filter_by(username=username).first_or_404()
    posts = Post.query.filter_by(author=user).order_by(
        Post.date_posted.desc()).paginate(page=page, per_page=5)
    return render_template('user_posts.j2', posts=posts, user=user)


@users.route('/reset_password', methods=['GET', 'POST'])
def reset_request():
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    form = RequestResetForm()
    if form.validate_on_submit():
        user = User.query.filter_by(email=form.email.data).first()
        send_reset_email(user)
        flash('An email has been sent with instructions to reset your password.', 'info')
        return redirect(url_for('users.login'))
    return render_template('reset_request.j2', title="Reset Password", form=form)


@users.route('/reset_password/<token>', methods=['GET', 'POST'])
def reset_token(token):
    if current_user.is_authenticated:
        return redirect(url_for('main.home'))
    user = User.verify_reset_token(token)
    if user is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('users.reset_request'))
    form = ResetPasswordForm()
    if form.validate_on_submit():
        hashed_pwd = bcrypt.generate_password_hash(
            form.password.data).decode('utf-8')
        user.password = hashed_pwd
        db.session.commit()
        flash('Your password has been updated! You are now able to log in.', 'success')
        return redirect(url_for('users.login'))
    return render_template('reset_token.j2', title="Reset Password", form=form)


# 管理员功能
@users.route('/admin/users')
@login_required
def admin_get_users():
    if current_user.username != 'admin':
        abort(403)
    user_list = User.query.all()
    return render_template('user_list.j2', title='Users', user_list=user_list)


@users.route('/admin/user/<int:user_id>/reset_pwd')
@login_required
def admin_reset_user(user_id):
    if current_user.username != 'admin':
        abort(403)
    user = User.query.get_or_404(user_id)
    default_pwd = '123456'
    user.password = bcrypt.generate_password_hash(default_pwd).decode('utf-8')
    db.session.commit()

    current_app.logger.info('>>> 管理员重置[%s]用户密码', user.username)
    flash('The password of user ['+user.username +
          '] has been set to '+default_pwd, 'success')
    return redirect(url_for('users.admin_get_users'))


@users.route('/admin/user/<int:user_id>/delete', methods=['GET', 'POST'])
@login_required
def admin_delete_user(user_id):
    if current_user.username != 'admin':
        abort(403)
    user = User.query.get_or_404(user_id)

    rm_picture(user.image_file)
    [db.session.delete(post) for post in user.posts]
    db.session.delete(user)
    db.session.commit()

    current_app.logger.info('>>> 管理员删除用户 [%s]', user.username)
    flash('User ['+user.username+'] has been deleted!', 'success')
    return redirect(url_for('users.admin_get_users'))
